What is GDPR compliance ?

The General Data Protection Regulation (GDPR) harmonizes data privacy laws across Europe to protect all data belonging to EU citizens and residents. While organizations that sell or market to the EU must be compliant by May 2018, thereís potential opportunity for a new level of business growth.

Privacy by design and privacy by default

GDPR states that the processing organization should adopt internal policies and implement measures that meet, in particular, the principles of data protection by design and data protection by default. A data protection impact assessment will help you achieve this by ensuring that all personal data collection, processing, storage and destruction measures are designed to secure privacy.

Consent Lifecycle Management

  • Any self-care user profile creation, user provisioning to other systems, sharing of user attributes through SSO, and identity federation are fully based on user consent
  • Users can review, modify, and revoke previously given consent via the self-care user portal or RESTful Consent API
  • Consent API can also be used to integrate Server consent management capabilities with existing applications
  • Product can be used to manage consent of any 3rd party application via the RESTful Consent API

What are the customer rights?

GDPR defines consent as any freely given, specific, informed and unambiguous indication from individuals to legitimize an individual's personal data by the processing organizations. The processing organization should be able to demonstrate proof of consent and allow individuals to review previously given consents and withdraw it if necessary.

Privacy Toolkit

  • Can be used to anonymize PII data scattered in databases thatís connected to Server
  • Can be used to anonymize PII data scattered in log files
  • Can be used with older versions of Server as well
  • Can be extended to support for custom components deployed in Server
  • Should not create performance bottlenecks for running system
  • Should be possible to run the toolkit outside Server runtime
  • Should be automation friendly